On Mon, Dec 14, 2009 at 11:49:30PM -0800, Bill Broadley wrote:
> IMO hostbased firewalls offer very little protection, but if they reduce your
> legal liability then by all means do it. Pretty much any firewall is turned
> off by any of the popular malware if you happen to run it. So of course the
> key is to not run any evil software. That means not responding to emails
> claiming to show embarrassing videos of public figures, earthquake victims,
> or pretty much anything that leads to opening a remote file. So browser
> plugins, local apps, screen savers, cute little utilities, etc.
Worse is when it's phishing attempts: "Your facebook account has been
locked due to security reasons. Run the attached EXE to re-enable your
account." (Replace "facebook" with your ISP, your bank, etc.)
The few times I've seen something that looks even remotely legit
("hey, _I_ have a 'sonic.net' account!"), the email is not usually
coming from where it purports to. (e.g., why is Wells Fargo emailing me
from a host called xyz.random.co.uk?)
I'm also lucky because I use a plaintext email client (Mutt), so I don't
see HTML email; not as live HTML, at least. (That helps reduce the chance
of 'beacons' being used to determine that I even ever got the email.
e.g., if the HTML of the email includes
<img src="http://hackers.tld/invisible.gif" width=1 height=1>, they'd know
the instant a user's browser or email client fetched that remote image from
their server.)
It was fun when I received some facebook phishing email... the form and links
in the HTML all went to http://www.facebook.com.some.other.domain.tld/
I'm smart enough to not fall for that, but what percentage of the general
public would understand the difference between ".com." and ".com/" in
an URL? :(
<snip>
> Do you have to use IE? My best guess is that they are recommending whole disk
> encryption, I can't think of anything else that could reasonably be called an
> encryption device.
Perhaps it's some kind of wifi-encrypting tent you erect over your laptop. ;)
This might also be useful:
http://geek-ware.blogspot.com/2008/04/laptop-privacy-sweater.html
(More seriously, you could also get a cover for your screen that tweaks the
optics such that only you (or anyone _directly_ behind you) can see what's
on the screen. Most ATMs do this.)
--
-bill!
Sent from my computer
_______________________________________________
vox-tech mailing list
vox-tech@lists.lugod.org
http://lists.lugod.org/mailman/listinfo/vox-tech
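
Added example, not part of the original message: a small Python check a mail filter could run over an HTML body to flag the two tricks described above, remote 1x1 "beacon" images and links or forms whose hostname embeds a brand domain such as "www.facebook.com." without actually belonging to it. The BRANDS list, the function names and the sample HTML are assumptions constructed for illustration.

```python
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Assumption: the real domains we want to protect (constructed list).
BRANDS = ("facebook.com", "wellsfargo.com")
URL_ATTR = {"img": "src", "a": "href", "form": "action"}

def lookalike(host):
    """Return the brand embedded in host if host is NOT under that brand."""
    host = host.lower().rstrip(".")
    if any(host == b or host.endswith("." + b) for b in BRANDS):
        return None                      # genuinely inside a brand domain
    padded = "." + host + "."            # match whole DNS labels only
    return next((b for b in BRANDS if "." + b + "." in padded), None)

class MailAudit(HTMLParser):
    def __init__(self):
        super().__init__()
        self.findings = []

    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        parts = urlsplit(a.get(URL_ATTR.get(tag, "")) or "")
        if parts.scheme not in ("http", "https"):
            return                       # no remote fetch, nothing to flag
        host = parts.hostname or ""
        if tag == "img":                 # any remote image reveals the open
            tiny = a.get("width") in ("0", "1") and a.get("height") in ("0", "1")
            self.findings.append(("beacon" if tiny else "remote-image", host))
        brand = lookalike(host)
        if brand:
            self.findings.append(("lookalike:" + brand, host))

def audit(html):
    parser = MailAudit()
    parser.feed(html)
    parser.close()
    return parser.findings

# Constructed sample body using the hostnames quoted in the message.
SAMPLE = '''<html><body>
<img src="http://hackers.tld/invisible.gif" width=1 height=1>
<form action="http://www.facebook.com.some.other.domain.tld/login">
<a href="http://www.facebook.com/help">Help</a>
</form></body></html>'''

if __name__ == "__main__":
    for kind, host in audit(SAMPLE):
        print(kind, host)
```

The label-boundary match is what separates ".com." from ".com/": a host is only trusted when the brand domain is its rightmost labels, not when it merely appears somewhere on the left.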